skills/tkersey/dotfiles/grill-me/Gen Agent Trust Hub

grill-me

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, credentials, or unauthorized network operations were identified. The skill is designed for a legitimate requirements-clarification workflow.
  • [PROMPT_INJECTION]: The skill uses directive language to define a specific persona ("exacting product architect") and set behavioral constraints (e.g., "Do not summarize, do not plan, and do not implement while material unknowns remain"). These instructions are functional for the skill's stated purpose and do not attempt to bypass core AI safety guidelines.
  • [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists due to the "research-first" instruction to inspect artifacts such as tickets, logs, and configuration files.
      • Ingestion points: Local file artifacts (code, docs, tickets, logs, configs, diagrams, schemas) and user input collected via the request_user_input tool in SKILL.md.
      • Boundary markers: Absent; the skill does not specify delimiters or instructions to ignore embedded directives within researched content.
      • Capability inventory: Uses environment-provided tools for artifact research and user interaction (request_user_input).
      • Sanitization: No explicit sanitization or validation of the content discovered during research is defined.
Audit Metadata
Risk Level: SAFE
Analyzed: May 26, 2026, 11:37 PM